01:56:31 Mine has too, the qt webengine, but it's due to a depends that keeps looping. I believe it was alsa-plugins causing it. I forget "why" it said. 02:06:42 I'm a bit confused about boot environment stuff. it looks like my current BE is zroot/ROOT/default, but /usr is zroot/usr, a separate mount point. if I created a new BE and upgraded that, wouldn't that alter /usr and thus affect the backup BE? 02:07:47 or will creating a new BE not only make a clone of zroot/ROOT/default but also of zroot/usr? 02:19:34 I think it does, but only if you specify "bectl create -r ..." 02:31:58 so reading the bectl man page stuff about boot environment structures, just running into additional confusion. it's talking about how the default auto ZFS configuration from the installer has zroot/usr with "canmount" set to off, thus /usr falls under the BE since zroot/usr isn't mounted, but zfs list clearly shows zroot/usr mounted at /usr 02:35:22 the man page is also saying that -r is not intended for the "shallow" structure I'm currently using 02:37:14 zfs list gives hints that zroot/usr isn't actually being used for anything, like it's only got 288KB space used, and mount shows that it's not actually mounted. I'm confused about why the installer even created this dataset, and why zfs list tells me its mount point is at /usr. it seems like the installer is making datasets for no reason, and zfs list is lying to me 02:40:20 how do i make links and stuff like that 02:40:26 like send a person a link 02:46:08 link to what? 02:46:25 like in general 02:46:39 you mean share a image or a pdf file with another person on irc? 02:46:59 i found which header common.h includes the wolfssl headers for the str.c imports 02:47:18 yes like send someone Hi this is a Instant Message google.com 02:48:45 do you mean private message? 02:55:03 YES 02:55:10 that is a must 03:02:10 you can private message people on this chat 03:02:22 write '/msg gry hi', it will be private message to me, for example 03:02:36 but it is not recommended to ask people questions about e.g. linux or freebsd in private messaging 03:02:48 most people answer such questions only in the channels, not in private messages 03:03:14 because they are not always available, and may have errors in their responses. talking in channel means someone else can correct or help out while gry is away 03:04:52 Also, not everyone is willing to accept private messages. Some configure their IRC client to discard those. 03:18:34 can anyone here elaborate on why zroot/usr even exists if it's not actually used? 03:39:50 lets see what 6.1 menuconfig looks like 03:42:00 trying to get pkgbase set up now, and I'm not seeing a way to set the repository as not automatic (as in, "pkg update" will not queue upgrades unless the pkgbase repo is manually specified) 03:42:12 is this just not possible or am I missing something? 03:45:14 tm512: it can be, i forget what theyre called, but a kind of anchor point for the fs structure 03:45:38 that way you can group a bunch of subtrees under that common node 03:46:02 mynam: ye alsaplugins seems to be the problem 03:50:17 currently installing everything from pkgbase. I hope this decision doesn't bite me in the ass later, but boot environments seem to make this very low-risk 03:50:50 if I break the system to the point of it being unbootable I could just boot into the last working BE, mount the broken one, and do what I need to fix it 04:09:03 interesting, the kernel from pkgbase doesn't actually give any build date: FreeBSD merak 14.0-STABLE FreeBSD 14.0-STABLE stable/14-n266669-a9ef2c901a8b GENERIC amd64 04:18:28 what do you mean zroot/usr is not used? 04:25:18 I clarified exactly what I mean, it shows barely any disk space used (under 1MB) and isn't being mounted at /usr according to mount 04:25:25 it has canmount=off 04:26:08 though now after creating a new BE and upgrading the base system through pkgbase, suddenly zroot/usr has almost 1GB in it yet it still isn't showing as being mounted 04:26:26 this stuff doesn't really make sense 04:26:39 bbl 04:35:25 zroot/usr isn't mounted in the standard BE setup, it just exists so that some datasets underneath it can be (generally for different configuration) 04:35:58 so anything that doesn't have its own mounted dataset under zroot/usr falls into the BE dataset 04:37:58 (likewise /var on a normal zfsroot systm) 04:49:06 great opportunities to make a seperate zpool to hold those things too 04:54:55 tm512: did you read? 04:55:21 its a feature 05:00:28 kevans: so it wanted the zroot/usr dataset to be part of the BE setup, I set it for canmount=on? 05:01:01 *if I wanted 05:07:39 ah, nevermind, having it default at canmount=off makes it part of the BE layout. 05:20:21 cedb: yes, I read what you wrote, doesn't really clarify much for me. I still don't understand what zroot/usr even has on it 05:21:05 tm512: it has nothing. it only exists so other things can exist under it, like usr/src and usr/ports 05:21:40 ah 05:21:42 and yes, this is a bit odd. but it avoids an issue with shallow boot environments where /usr isn't copied 05:22:13 it would make more sense to just move src and ports to /src and /ports with zfs root but... you know... tradition (and UFS users) :-) 05:23:44 if ZFS's memory issues on small systems are ever fixed (and 32-bit systems are retired), maybe we can get rid of both UFS and /usr at the same time, just put everything on / like GNU Hurd does 05:24:12 greybeards will explode but this clearly makes sense 05:24:55 it makes sense to have a common parent for a bunch of nodes even if it cant have data itself... 05:25:30 cedb: if /usr has to exist, then sure, the unmounted usr filesystem is fine. but it also makes sense to just remove /usr entirely 05:25:31 tm512, I bookmarked this previous forum discussion which explains zroot/usr in some detail. https://forums.freebsd.org/threads/why-are-usr-and-var-not-in-a-boot-environment.59844/ 05:25:32 Title: ZFS - Why are /usr and /var not in a boot environment? | The FreeBSD Forums 05:26:32 /usr dates from the days of the PDP-11 where a single disk was too small to contain the entire OS, so you had to put some of it on / and some on /usr. 45 years later, this is just legacy cruft 05:26:59 lw: i dont know anything about the layout debates but i mean in general for zfs its useful 05:27:16 that way one can take a snapshot of a bunch of datasets at the same time for example 05:27:22 cedb: why do you find it useful? (i'm not arguing, i'm actually curious if there's a use case for /usr, especially on zfs) 05:27:59 lw: multiple roots on zfs? set canmount=noauto or off for the one not used 05:28:52 I think if Ken Thompson were doing it a second time that instead of / and /usr I can imagine it would be /os and /usr and usr would really remain the user disk on this imaginary second time around. 05:28:58 cedb: i don't think you need /usr for multiple roots. just have zroot/src and zroot/ports, they'll be shared between BEs the same way /usr/src and /usr/ports are today 05:30:43 lw im not talking about /usr specifically, just the concept of of having empty datasets 05:31:13 cedb: oh sure. i'm not arguing against the existence of zroot/usr as it is today... it's a bit confusing the first time you see it, but it makes sense to have it 05:31:14 zroot/usr a placeholder template so that other datasets can inherit from it. 05:31:20 i just imagine a future where usr doesn't exist at all :-) 05:31:49 And there nothing stopping anyone from reconfiguring their /usr/{src,ports} dataset mountpoints to /{src,ports} anyway 05:32:02 Since it has been all of these years I am hoping it does not change but I could certainly imagine an alternate timeline where things are different and still self-consistent and working. 05:32:52 rwp: the only issue i can see here is people with ancient systems that have been upgraded across multiple FreeBSD versions, running UFS, with separate /usr slice. then if you suddenly move everything to /, they will be a bit screwed. but that's a pretty niche use case nowadays... 05:33:59 I think it would all work to change it but then it would be different. 05:34:00 The only thing getting in the way of Just Changing It Locally is that then forever things are uniquely different for you on that system and everyone else is doing things the other way. 05:34:31 idk i like having longer prefixes 05:35:52 rwp: on a technical level, that's what everyone does with their systems using ports :P 05:37:18 The way ports "take over" /usr/local took me some getting used to. I rather wish pkgs went in /usr/ports intead (like NetBSD?) and that way /usr/local would just be for truly local installations. But I understand how things arrived there with compiled ports. 05:37:56 yeah, i dislike that too. i wanted to move my ports to /opt/pkg but that means you can never use compiled ports... and building ~900 packages for my desktop from source just takes far too long 05:40:02 But conceptually it is definitely possible to use different file system organizations. I have not test driving this yet but I want to test drive Gobo because they are using an interesting (interesting in a good way) file system layout. 05:40:12 Check this out: https://wiki.gobolinux.org/Overview/What-Makes-GoboLinux-Unique/index.html 05:40:13 Title: What makes GoboLinux unique :: GoboLinux Documentation 05:40:20 And also https://wiki.gobolinux.org/Overview/GoboLinux-Filesystem-Hierarchy/index.html 05:40:22 Title: GoboLinux Filesystem Hierarchy :: GoboLinux Documentation 05:40:59 They have basically organized things by topic rather than by type. I call that a 90-degree turn in how to look at and organize things. 05:41:06 so zroot/usr existing only for /usr/src and /usr/ports makes sense, I think I was being thrown off by zfs saying it was mounted on /usr even though it wasn't, and I almost would've expected zroot/{ports,src} instead with them being mounted at /usr/{ports,src} instead of there being a whole zroot/usr dataset just to contain those two 05:42:10 unless mounting zroot/ports to /usr/ports would be more complicated than what the zfs startup script is doing to auto-mount things 05:43:06 That forum link I posted above discusses things pretty well. It's just a mount point to use for inheritance and to fork those off of the root boot environment. 05:43:29 rwp: yeah, reflecting back on trying Gobo, I kind of wish they didn't alter the caps of the original package names in their /Programs directory 05:44:24 kenrap, I must imagine that the author came from a MS type background since it rather looks like that to me. But current Android also uses that convention too so maybe from there. Don't know. 05:44:33 tm512: sounds like you need to read about zfs a little, which is fair, its not exactly simple 05:45:04 i messed up my "multiple roots" on zfs setup once which was..not fun 05:45:26 To be fair that question about zroot/usr is frequently asked by many people who encounter it and go, what's up with that? A lot of people ask that question. 05:47:45 rwp: that's my only nitpick, rather than /Programs/LibPNG as mentioned on the site, just leave it as /Program/libpng, so it's easier to tab complete for the package names and be consistent with projects name case-wise 05:48:31 And I am oldschool where no self-respecting person would use anything but lower case letters, no vowels, and definitely no whitespace! 05:48:36 rwp: ye no shades i just meant, since zfs seems to be endorsed as a "why use ufs when you can zfs" one might expect to not have that much reading to do when in reality ehhh 05:49:02 Don't forget the "zroot/var" which is not mounted; is used to throw /var stuff around ( https://tech.lgbt/@parvXtl/110881340918873940 ) 05:49:03 Title: parvXtl: "#FreeBSD #var_strewn_about #bootEnvironment #boot…" - LGBTQIA+ and Tech 05:49:55 cedb, I had zfs save me on a flaky bit of hardware last year and now I feel I owe it one. I have stopped using UFS except for the smallest of RAM systems. 05:50:36 And so far though sometimes people ask, what's up with that, there wasn't anything that anyone NEEDED to read or know. It all worked out of the box without needing to know that particular detail. 05:53:35 kenrap: yeah, the opposite; if it's mounted, then data in /usr is no longer part of the BE 05:53:36 cedb: I have been reading about it 05:54:22 I'm glad the automatic ZFS configuration the installer did was at least a sane configuration, so I can take this bit-by-bit 05:57:10 disk configuration giving sane defaults isn't something that's a given. in particular I strongly dislike when disks get broken up into tons of partitions as if I want to have an explicit cap on each main directory's disk usage 05:57:24 kevans: I found out by reading the fine manual here under "Boot Environent Structures": https://man.freebsd.org/cgi/man.cgi?query=bectl&manpath=FreeBSD+15.0-CURRENT, even learned there were differences with shallow and deep BEs by using canmount=off and canmount=noauto respectively. 05:57:25 Title: bectl 05:57:25 also re: zfs, it just occured to me today that if i do need to install Linux (for gaming), i could just install it on another boot environment (i.e., a filesystem under zroot/ROOT), boot it from EFI, and share my home directory etc. with freebsd. which is neat 05:59:13 If there is a problem it is that datasets are too lightweight and too efficient. And then people figured out how to use them in clever ways to provide for features like boot environments. And so then we have multiple datasets right from the start. But if you looked at my system you would find that I have created a lot of datasets for various uses. Because they are so easy. 06:00:59 kenrap: ah, glad I could help. (I wrote that, too :-)) 06:01:28 kevans: awesome, you're the best! ;) 06:01:47 next thing I want to figure out about zfs is setting up an encrypted dataset to store passwords in and probably all of firefox's stuff as well. since this is a laptop, and the probability of theft is a bit higher 06:02:11 so if someone stole my laptop, they might get a free laptop out of it, but they're not going to get access to like, my paypal account or my bank account 06:02:38 tm512: I roll with GELI + a curse on my laptop for protection. it works really well 06:03:13 the curse is brilliant, the battery's fine but if you unplug from AC the laptop dies. 06:03:38 kevans: do you prefer geli over zfs native encryption? (because you can't boot from a natively encrypted dataset...?) 06:04:31 for that reason, but also for the longest time zfs' native encryption wasn't that stable/usable so GELI won out on my setups (and I haven't killed the habit of using GELI yet) 06:04:46 kevans, You actually drop the system when the AC is unplugged? Or your laptop just happens to drop when the AC is unplugged? I am rather in shock with the thought of it either way. 06:04:46 lw: theres this https://docs.zfsbootmenu.org/en/v2.3.x/ with instructions for different distros 06:04:47 Title: Overview — ZFSBootMenu 2.3.0 documentation 06:05:21 rwp: sort of makes sense with a little paranoia 06:05:22 cedb: interesting... i was actually meaning to look for a bootloader that could do this and wasn't grub, this looks handy. thanks 06:05:36 rwp: the latter, I think the integrated graphics end up drawing more power than spec'd or something to that effect, so the whole thing locks up 06:05:58 although it's not clear from that page if it can boot freebsd 06:06:16 it uses kexec so i guess not 06:06:30 The word "dies" that was used was disconcerting. I would see an immediate graceful shutdown maybe though. And now reading that gpu is pulling power to the point of drop maybe. Sigh. 06:06:48 this laptop also can't boot linux without panicking in i915kms, so the curse is very much so real 06:07:12 i think youd chainload with another bootloader first 06:07:14 It's cursed! What model of machine is it? 06:07:16 kevans: unrelated question, let's say you had a freebsd issue where the system completely hanged. how would you go about debugging that? 06:07:27 it's the initial iteration of the frame.work laptop 06:07:48 i guess first try over serial and see if it can still break into ddb? 06:07:49 lw: first step is see if the break-to-debugger sequence works to try and get a dump 06:08:04 I have a friend with one of those and so far I haven't heard him report problems. He runs Fedora on it. 06:08:04 yeah, serial also works if you have it 06:08:20 * kenrap would love to get his Arc A770 booting with drm-61-kmod's i915kms without it kernel panicking... 06:08:32 i don't have a serial UART on this system but i could connect a USB serial port... what is the break to debugger sequence? 06:08:54 (is this as simple as sending a serial BREAK?) 06:09:05 In this case though it seems like it does not matter what OS is running. I would start by seeing if it drops at the boot prompt. And then other systems. Isolate if it is truly hardware or not. 06:09:23 rwp: yeah, markj@ has another of this very same model. at the last bsdcan he had some linux on a flash drive to be able to drive the presentation displays... worked fine on his, panics on mine. no reports of weird instability from him 06:09:43 lw: serial BREAK is one, there's also a keyboard sequence... ALT+CTRL+ESC, maybe? let me double-check 06:09:51 kevans: already got geli loaded for encrypted swap, but it sounds like just using a native zfs encrypted dataset for what I want is going to be the cleaner approach rather than making a zvol and then piling geli and another filesystem on top 06:10:30 kevans, Just to be clear he was using his frame.work laptop, right? He wasn't using your frame.work laptop booting his USB boot image? 06:11:47 tm512, So far the wisdom has been not to put swap on zfs because zfs needs memory resources which also uses swap which can create a resource starvation deadlock. 06:11:57 rwp: right 06:12:50 So swap (so far) should always be always be on a non-zfs partition. And GELI supports ephemeral keys which are perfect for swap. Single use keys that evaporate. No one can scrape anything out of swap afterward. 06:12:56 rwp: it's not on zfs, it's a separate partition on the SSD that is encrypted with a temporary key 06:13:03 it's the installer's default for encrypted swap 06:13:14 That's all good then. No worries! 06:13:40 lw: there's one that's ~ ^B (see sys/kern/kdb.c:318-ish) -- but needs an option to enable it 06:13:45 rwp: i think swap on zfs is fine if you have enough memory. it's a problem if you're swapping due to serious memory pressure as it can deadlock 06:14:26 but you can't dump on zfs so... you probably need a separate swap slice anyway 06:14:29 kevans, That does sound like it is something specific about your frame.work machine. And if you had a bunch of spare parts you might be able to mix and match and swap GPUs and such and isolate to something specific that if swapped would avoid the problem. Can you boot on battery? Does it just boot for a while and then die? Obviously I don't need to know but it is an interesting curiosity. 06:14:57 rwp: I'm talking about zvols when it comes to having part of the drive encrypted 06:15:08 kevans: i don't have a sys/kern/kdb.c ... am i missing something obvious? 06:15:14 subr_kdb.c, sorry 06:15:20 ah 06:15:31 rwp: it'll actually run fine on battery until xfce fires up 06:16:13 but I generally have xfce fired up unless I'm hacking on an airplane, in which case I only don't have xfce fired up because I can't work on battery like that :-) 06:16:15 kevans: ok ic, so iiuc it's enough to have a (USB?) serial console connected, "options KDB", and type CR ~ ^B to break into kdb? 06:16:41 need to buy another USB serial adapter to try but this sounds fairly straightforward 06:16:43 KDB + ALT_BREAK_TO_DEBUGGER 06:16:52 (why does nothing come with serial ports nowadays...?) 06:17:04 That does sound like something in the graphics subsystem then. If it were me I might put it on a kill-a-watt meter to watch the power drain as it boots, disconnect the battery, boot it on AC power and see how much it spikes at that point. Might be a software workaround to slowly turn on GPU cores sequentially or something to avoid a sharp spike. 06:17:16 and I don't know offhand if USB serial as such will work, but if this is x86 you might have XHCI DbC support that could work with some WIP by hrs 06:17:38 is there a "write a crash dump and reboot" key sequence? 06:17:47 might be easier to debug this with a post-crash dump 06:18:11 rwp: the problem is that even if it's stable running xfce4 and oops unplug, it still goes awol... very annoying with cats 06:18:40 closest thing is break to debugger 06:18:52 Cats! And I bet that afterward they don't even show any sympathy at all. 06:19:08 not even a little bit 06:19:22 ALT_BREAK_TO_DEBUGGER is a kernel option? i don't see it listed in the default configs 06:19:31 yeah 06:19:43 alright, let's recompile with that and see what happens if the problems recurs 06:19:46 it's described a bit in sys/conf/NOTES 06:19:56 Speaking of serial ports, is there an installer image that would allow an install using the serial port console? Or must I build my own install image to do so? 06:20:24 rwp: doesn't that work on the default installer? i install bhyve VMs that way a few times 06:20:52 yeah, it should Just Work(TM). recent freebsd will even splat the installer out on all consoles rather than just the default console 06:22:17 I know 13 does not so I assume recent means I should try 14 on a serial port install which I have not yet done. 06:23:17 can't speak to 13 but i've done this with 14 and 15 06:23:33 on EFI though, maybe it's different with that awful CSM loader 06:25:07 Oh that is another twist I had not thought about. It might also be related to Legacy BIOS boot versus UEFI versus CSM. 06:27:22 The time has come for me to relocate. Good night all! 06:28:31 nn 06:29:27 i am mildy impressed that playing Factorio under Wine with ported Linux amdgpu GPU, my CPU is still idling at 2.2GHz / 32C 06:29:50 not sure who to be impressed by here though, maybe the Factorio developers for writing a game that actually uses CPU efficiently :-) 06:30:29 bleh so this *.pkgsave crap with using pkgbase is rather annoying. but I'm guessing sitting and waiting for FreeBSD to compile would be more of an annoyance 06:38:32 tm512: i'm extremely dubious that pkgbase will be ready for 15.0 release (as some people claim) when it still has no equivalent of etcupdate 06:42:09 lw: it might be because the same game under wine at times can run better with FreeBSD than Linux, but that's a rare occurrence. So you might be experiencing that. 06:42:35 kenrap: tbf i haven't tested it under Linux so it might just as well there 06:42:45 I still can't shake the feeling that I could pull off binary upgrades to -STABLE by using the snapshot sets 06:42:53 also i'm using wine-devel 9.2 which is not in ports (i submitted the PR yesterday...) 06:43:23 like mounting a boot environment, extracting the sets into the BE, and running etcupdate between my current BE and the upgraded one. I dunno though 06:44:08 tm512: you could try building from source with meta mode. i think i might have scared you off that the other day but it's *probably* okay for -stable where there are fewer changes 06:45:10 well it sounds like that initial compilation is just going to be an ordeal 06:45:34 yeah, if you only have a dual core cpu that's going to take a while, but you can leave it overnight or something 06:46:16 lw: how does wine-devel 9.2 handle WoW64 for you, like dealing with the 32-bit stuff? 06:46:37 kenrap: not at all, terrible, 0% success. i had to install 32-bit i386 wine from pkg.freebsd.org to run a 32-bit app 06:47:07 Gotcha, thanks for sharing that 06:47:25 i know very little about Wine though so it's possible there's some secret option i could set to make that work better 06:49:01 lw: kinda want to get a better idea of this laptop's thermals before leaving it entirely unattended going at full blast, tbh. it's probably fine, though 06:50:48 just under moderate load I've seen it go above 60C whereas my desktop more or less tops out around 60-65C 06:51:18 60C isn't that bad, laptop CPUs can be rated to 80-100C 06:51:32 i used to have a Pentium M laptop that was rated for 100C, that got pretty warm 06:51:37 kind of a good comparison too because this laptop basically has the mobile version of the CPU I've got in my desktop. an i3-10110U in the laptop and an i3-10100 in my desktop 06:52:23 I know laptops leave a lot less space for the CPU to "breathe" but this is a much lower-powered CPU too 06:57:29 but yeah I'd like to monitor how the laptop handles sustained load, like the equilibrium point between the CPU's heat output and the laptop's cooling. maybe I'm just a bit on edge because of how toasty my old laptop gets. I ended up turning it on its side when compiling ffmpeg from source so that the exhaust fan was pointing directly up, in an attempt to help it cool more effectively 07:15:21 lw: pkgbase doesn't need etcupdate? 07:15:31 pkg does all of the config file merging 07:15:57 kevans: i find that hard to believe, some changes simply can't be merged automatically. for example, how does pkg merge the root /bin/sh change to /etc/master.passwd? 07:16:34 or does it actually have an etcupdate-like interface to do this, and it just doesn't work when doing the initial pkgbase install? 07:18:54 i'm actually not sure what it does on conflict, the /bin/sh change was long enough ago that I don't remember how I crossed over it 07:19:03 initial install is definitely special, because it doesn't know anything about the config files it's clobbering 07:19:30 but pkg does a 3way merge that can handle a significant chunk of changes 07:21:19 doesn't pkgbase do some kind of config file backup policy thing, like making a *.pkgsave of them or something like that? 07:21:58 i have never seen pkgbase do that, but that's probably because ports mostly installs ".sample" files and never overwrites existing config files 07:22:17 I guess I'm recalling something else then 07:22:24 |Credits: The water cooler. (Note, this is the requested credit) 07:22:27 heh 07:23:45 ah, FreeBSD-EN-24:02.libutil is nice too... it should obviously be an SA, but someone managed to massage it into an EN because it doesn't technically affect the base system 07:25:52 ports don't get merging at all 07:26:45 config files are specific to base, anything fron ports is sample by policy 07:27:15 (I sort of wish sysutils/cmdwatch would get merged into base, but oh well) 07:30:40 (don't ask me why, I suspect it's because we don't have any control over those so it's higher risk) 07:30:51 |Using kqueue(2) with a process using rfork(2) can panic the system. 07:30:56 how the fuck is this an EN 07:31:03 a local user can panic the system? clearly an SA 07:50:35 Found via -current@ list: Unsuitable SSD/NVMe hardware for ZFS - WD BLACK SN770 and others, https://github.com/openzfs/zfs/discussions/14793 c 202304 07:50:37 Title: Unsuitable SSD/NVMe hardware for ZFS - WD BLACK SN770 and others · openzfs/zfs · Discussion #14793 · GitHub 08:06:24 kevans: well I just upgraded my 14-STABLE system through pkgbase, it just clobbered everything in /etc. I had to restore my configuration through the backups it created 08:06:59 (the *.pkgsave files) 08:08:46 parv: i saw that thread, wasn't the problem just that user didn't cool the ssd enough? 08:09:01 granted many consumer SSDs don't make it clear how much cooling they need 08:09:49 lw: I have not reached that point mentioned yet; the comments are certainly interesting 08:10:06 s/ mentioned// 08:10:35 ... about half way there 08:26:07 Re ZFS issue 14793, OP did not mention if extra cooling solved their problem with WD SN770 08:26:24 ** sigh ** 08:26:32 parv: but imp@ did point out they had several temperature trips 08:27:24 lw, Wait are you talking about the issue on the mailing list or the above ZFS issue? 08:27:32 the mailing list 08:27:59 lw, Ah right. I have not gone throught _that_ thread yet. Thanks 08:32:07 i haven't looked at the zfs issue, i just read the thread as it seemed interesting 08:32:34 zfs eh 08:32:48 here machine just blew up with git 08:34:16 lw, Ok both read; both were interesting. (Next time: really need to get the SSd with heat sink & large(r) fans) 08:34:50 apparently git pull on ports asked to allocate up all the ram, so with 4g ram it was 3.6g wired, then kernel killed userland off to take more 08:35:12 was real wtf 08:35:27 * parv #interesting 08:36:28 had to limit git, but is it just git's fault? 08:38:15 note that i limited arc to 512m and kernel before it was like 256m so rest of that was that git, hmmm, mmapped? 08:38:53 sure, one could argue that everyone has 128g ram but meh 08:40:43 hw.physmem: 309188386816 08:40:59 some of us, anyway 08:41:30 ketas: there are ways to check out without using so much memory 08:41:34 ketas: were you asking about this in #bsdmips the other day? 08:41:49 yes 08:42:00 ah 08:42:03 and i solved it i think 08:42:13 yeah i was about to say, i thought you fixed that 08:42:35 well, by choking git, yes 08:44:01 rtprio: good for you 08:44:26 after i found this: http://ketas.si.pri.ee/misc/top-wired-out-of-memory.1707894761.txt 08:44:45 then i also found https://forums.freebsd.org/threads/server-freezes-when-using-git-to-update-ports-tree.88651/ 08:44:46 Title: Server freezes when using Git to update ports tree | The FreeBSD Forums 08:45:10 i didn't realize what actually happens 08:46:27 rtprio: you have 287GB of memory? i'm fairly sure your system has nothing to offer as far as ketas' problem goes :-) 08:46:45 ZFS is still terrible in low-memory situations and this is a legitimate problem 08:47:07 sad eh 08:47:23 yep. sadly it doesn't use zfs 08:47:38 it? 08:47:49 the system with 256gb of ram 08:47:52 oh 08:47:58 i mean other tasks on zfs work here 08:48:09 reasonable speeds 08:48:57 git clone --depth 20 or --single-branch should help a great deal 08:49:42 unless you need full history 08:50:10 i used those suggestions there 08:50:16 to limit git 08:50:29 btw, it's really great that resolvconf puts in a bogus ipv6 resolver when the one in rc.conf is perfectly functional 08:51:04 your rdnss should work 08:51:34 # Generated by resolvconf 08:51:34 nameserver fe80::86d3:43ff:fe00:9a63%vtnet0 08:51:49 in rc.conf, tho? 08:51:57 rtprio: resolvconf doesn't do that... are you sure your router isn't advertising a DNS address? 08:51:58 no, and furthrmore what was in this file before was fine 08:52:01 meh dns at ll 08:52:19 lw: shouldn't it only do that if it's dhcp? 08:52:28 ketas: not rc.conf. i'm tired 08:52:35 rtprio: no, RA messages can include DNS server addresses 08:52:40 change it or make it work 08:52:47 or disable resolvconf 08:53:49 RA is in route advertisements? 08:53:54 *As 08:53:57 yeah 08:54:19 but, what advertises linklocal rdnss? 08:54:53 i don't think rtadvd did it 08:55:02 rtprio: yes, RA = router advertisement 08:55:11 rdnss / dnssl is awesome 08:55:18 use if you can 08:55:33 yeah, fe80 is local, the router shoudln't advertise as this isp isn't even using ipv6 08:56:00 it comes from isp eh0 08:56:01 ? 08:56:23 rtprio: this has nothing to do with what the upstream ISP is doing... if the router thinks it has a functional DNS resolver, it may advertise its address as DNS server in RA 08:56:30 so isp has ra enabled but it isn't even working v6? 08:56:38 the fix for this is to configure the router to not do that 08:56:42 hope not 08:57:18 (assuming you don't want it to, anyway... my routers advertise correct DNS resolvers in RA messages) 08:57:20 meh "routers" 08:57:32 it's some consumer crap; i don't recall seeing how to turn off ipv6 on the lan 08:57:38 owwww 08:57:47 i miss my edgerouter where i could actually accurately control these things 08:57:54 i though v6 would go better 08:57:55 or at least clearly be aware of them 08:58:01 in cpe's 08:58:04 apparently not 08:58:37 why you can't have it? 08:58:40 own router 08:58:46 here i have it 08:59:03 rtprio: the only advice i can offer is to not use "consumer crap" :-D 08:59:15 the isp lowered the bill if we took it; and bumped the speed 08:59:24 i mean, you have 256GB RAM, surely you can afford a proper router 08:59:38 haha, you would thing 08:59:51 i think they wanted it because the isp can remotely manage it 09:00:08 my isp gives me ftth, they have their own little huawei gpon bridge, from there it's fbsd 09:00:43 oh there it is in "ipv6 lan setting" 09:00:49 ra service. dhcpv6 service . 09:00:54 fwiw on our MikroTik devices this is entirely configurable... 09:00:57 [lexi⊙celo] > /ipv6/nd/print where interface=vlan106 09:00:57 Flags: X - disabled, I - invalid; * - default 09:00:57 3 interface=vlan106 ra-interval=3m20s-10m ra-delay=3s mtu=unspecified reachable-time=unspecified retransmit-interval=unspecified ra-lifetime=30m ra-preference=high hop-limit=unspecified advertise-mac-address=yes advertise-dns=yes managed-address-configuration=yes other-configuration=yes dns=1:8b0:aab5:106::10,2001:8b0:aab5:106:3::8 pref64=2001:8b0:6464:0:66::/96 09:01:19 why the fuck is this on by default 09:01:24 /96? 09:02:29 ketas: NAT64 prefix is always a /96 because that's the size of the IPv4 address space (128 - 32 = 96) 09:02:39 oh 09:03:15 parv: yeah WD used to make good HDDs but their SSDs have been known to be sucky for Linux when they started making them. Not surprised by its ZFS problem here. 09:06:11 unsure who makes good hdd's now 09:06:24 ketas: Crucial, Seagate 09:06:31 i decided i'll mix manufs 09:06:39 that's the entire list as far as i can tell 09:06:39 crucial hdd? :) 09:06:46 oh hdd 09:06:52 then just seagate 09:06:59 with ssd i don't even know 09:07:06 buy Exos, everything else is just bad 09:07:20 buy two different and mirror? 09:07:50 ketas: if you can get the right details from your GPON provider, you can get a SFP(+) adapter that does both [EGX]PON - so you use that as a demarcation point and terminate the FTTH in your own device that's plugged directly. 09:07:57 i used to buy only seagate hdds 09:08:00 eh... in my raidz i have 4x Exos and 4x HGST, but i don't think HGST make disks any more 09:08:05 but now i went all 3 09:08:09 or at least they don't tell them to ordinary peons 09:08:21 s/tell/sell 09:08:25 HGST is now just a datacenter brand from WDC. 09:08:36 debdrup: well i could 09:08:47 Inland makes really reliable (nvme) SSDs imo and I would put Crucial as a 2nd to them. 09:08:48 debdrup: tell me more about this. GPON is encrypted, right? how do you get the encryption key to terminate it yourself? 09:08:48 There are only three big manufacturers of spinning rust left, who've bought up the rest. 09:08:54 but those sfp's are kind of same 09:09:07 they run full os 09:10:24 they told they don't do other cpe's 09:10:42 debdrup: i'm interested in this becuause our FTTP ONT has what's obviously a standard BIDI SFP in it, and i'd love to just put it into our switch and do away with the ONT... 09:10:44 well i guess i could run own sfp 09:11:01 The SFP(+) modules run a RTOS that does the PON deencapsulation for ingress and PON encapsulation for egress, yes - but it's better than having a whole device sitting on the wall, if you can swing it. 09:11:26 lw: that's why you need details from your provider 09:11:34 it's tiny free device 09:11:56 actually i know huawei sfp gpon onts exist 09:11:57 debdrup: what details do i ask for? our provider is fine with very technical questions so do be specific :-) 09:11:59 FiberStore have them. 09:12:14 lw: LOID, username and/or password are what you'll usually need. 09:12:17 i asked isp but they they told no 09:12:29 serial here 09:12:48 Yea, they might also need serial cloning. 09:13:03 i was actually wanting sfp but then dropped that idea 09:13:41 instead i wrote monitoring script for hg8010h 09:13:43 debdrup: what's the username/password for? is that a GPON thing? we have a PPPoE username/password but that runs on top of the fibre 09:14:01 pppoe still? 09:14:06 oh god 09:14:17 ketas: yeah, everything in the UK uses PPPoE, it's a cultural thing 09:14:21 i mean i know why it's used 09:14:21 https://www.fs.com/de-en/products/133619.html is what I ended up grabbing, if memory serves - but you'll want one that matches the specific transceiver details. 09:14:24 but 09:14:24 Title: GPON ONU Stick with MAC SFP 1310nm-TX/1490nm-RX 1.244G-TX/2.488G-RX Class B+ 20km DOM Simplex SC/APC SMF Optical Transceiver Module (Industrial) - FS.com Europe 09:14:43 Yea, PPPoE is pretty widely deployed in both the UK and Germany, still. 09:14:46 imagine doing 1gbit/s via pppoe concentrator 09:14:49 ffffs 09:14:59 It's why ng_pppoe(4) has been updated in FreeBSD fairly recently. 09:15:11 ketas: yeah, that's what ng_pppoe(4) is for. 09:15:39 glad that i got rid of it 09:15:56 debdrup: i think the issue here is our ISP isn't responsible for the GPON backhaul... they just get a PPPoE connection over the backhaul network. so in that case i guess they can't provide us with the details we'd need 09:16:00 isp found way to provide dhcp 09:16:28 so it's dhcp+dhcpv6+ra 09:16:41 and second dhcp in vlan for tv 09:17:25 apparently what content providers require 09:17:37 also qos maybe 09:17:58 lw: ah yeah, if they're doing the fiber equivalent of getting access to the eBSA on the DSLAM (sorry, I don't remember the right vernacular for it, most of my ISP knowledge predates wide fiber deployment), that'll make it difficult to actually hand out anything but a pre-configured CPE device. 09:19:00 debdrup: fortunately no issues with the CPE, but i think the service they pay for is "transport PPPoE from A to B" 09:19:12 so our CPE works fine as long as it does PPPoE 09:19:21 debdrup: does that sfp work here? 09:19:39 ketas: depends on the transceiver details and where "here" is 09:20:00 (which it does... i just find it extremely silly that the Internet comes in as fibre, then it converted to copper, then is plugged into a 1000BASE-T SFP...) 09:20:48 Multiple VLANs with varying kinds of auto-configuration isn't an issue, because that happens on the Ethernet layer - the SFP modules just terminate the PON itself, and pass the Ethernet traffic to the host device that the SFP module is plugged into. 09:21:27 debdrup: i heard that despite gpon is like standard, they use huawei olt's and they have their own, iirc, encryption extensions... and to question why ffs huawei, they told, that it was only one which worked... even used lawyers to get interop but no dice 09:22:10 fuck standards eh 09:23:16 the fiber-optic discussion is strong with this one 09:24:17 so i kind of dropped the idea 09:24:30 they might also upgrade network 09:24:44 then my sfp is useless 09:26:13 switch i have in place doesn't have sfp too :p 09:26:32 but that's easy fix 09:26:48 i actually have ones with that 09:27:13 managed switches are miracle and i'll never go back 09:28:34 before it i used those cpe's with vlan switch chips in them but that's so crappy 09:29:30 a manged switch is just a box with a switch chip in it... 09:29:39 true but 09:30:16 those speedtouch cpes telia used here suck 09:30:43 now it's same shit different name 09:30:57 they *do* vlans 09:31:19 i also used wrt for that 09:31:27 also does vlans 09:31:36 ketas: can I please ask that you use commas instead of an enter button? Reading the stream of conciousness text can be.. difficult, and you're not in a rush to write out things as IRC isn't short for Instant Relay Chat, but rather Internet Relay Chat :P 09:32:08 maybe 09:34:16 but isn't it often like single sentence or so on one line? 09:34:32 lw: a managed switch and an unmanaged switch both have a switch chip in them; the difference is that the former has a control pane that lets you configure some of the details of the switching, whereas the latter _just_ switches between each port. 09:35:07 debdrup: yeah, sure i know that, maybe i was a bit imprecise 09:35:38 ketas: getting too bogged down in it wasn't my intent, it's just easier to read a conversation between multiple people if everyone tries to avoid stream-of-conciousness writing, that's all. 09:35:49 i recall unmanaged switch hacking, they do have config ports 09:36:08 although tbh i find it quite funny to describe Atheros or Realtek crap as a "switch chip" when compared to proper ICs... but it's not wrong 09:36:32 they run full l2 in them anyway 09:36:46 you just don't see it 09:36:57 lw: the fun part is when an unmanaged switch uses the exact same chips as the managed ones do, just that the place where the flash chip to store the control pane OS is unpopulated on the circuit board. 09:37:47 perhaps bit better asics? 09:38:01 Switches don't use ASICs. 09:38:14 what do they use then? 09:38:15 huh? isn't a switch chip an ASIC by definition 09:38:38 i mean, i know a lot of them nowadays have a complete CPU on the die, but 09:38:53 so they run an os? 09:39:49 i'm always wondering how do they work 09:39:54 I guess it depends on the specific device, but the ones I've seen use dedicated switching ICs, meaning they could in theory be ASICs that come pre-loaded with a switching core. 09:40:22 to forward frames by mac, isn't it complex 09:40:58 debdrup: you aren't confusing FPGA and ASIC are you? a switch with an FPGA core would be odd, but a switch chip is kind of inherently an ASIC since the "application" is "switching" (or routing) 09:41:11 Where ASICs _really_ get used is for those CPE devices that claim to do way faster speeds than the ~500MHz MIPS/ARM CPU can handle (which is also the case for the Unifi Security Gateway, for example). 09:41:14 have lookup tables for every port, etc 09:41:17 lw: yes, yes I am. 09:42:22 ketas: I mean, I wouldn't be surprised if you can find devices that work like that - doing LUTS is cheap in circuitry design, afterall 09:42:37 LUTs 09:42:53 s/$/*/ 09:43:34 hmm cheap? 09:43:44 all hw? 09:43:49 Well, cheaper than including a FPGA, at the very least. 09:44:03 I never said all hardware.. 09:44:31 those things run some code? 09:44:37 There's too many ways to design circuits for ICs, and you'll probably not be shocked to hear that circuit engineers are rather opinionated. :P 09:44:49 FPGAs do. 09:44:59 ketas: re: how switch chips work: the entire thing is based on a type of memory called TCAM ("ternary content addresible memory") which is best described as a hash table implement in hardware. for each frame received on a port, the IC looks up the destination port(s) in the TCAM and forwards it. 09:45:17 hmm 09:45:21 hw hash table eh 09:45:27 lw: that's assuming it's a store-and-forward chip, yes. 09:45:31 (L3 TCAM is more complicated, it's a TST in hardware, which allows shortest-prefix matching) 09:45:35 Cut-through switches do a whole-ass different design. 09:45:59 but sw can be implemented in hw 09:46:06 debdrup: aren't all switches store-and-forward nowadays? (honest question, i really have no idea) 09:46:17 i find cpu's complex 09:47:09 lw: nah, anything requiring low latency is still cut-through, as far as I know. 09:47:26 hmm, i wonder what the Marvell switch chips in our kit uses 09:47:44 they are L3 switches, so i assumed they use TCAM to support prefixing matching 09:47:46 apparently you can also do ip in hw 09:47:51 It's a more expensive design to be sure, so you won't find it in chips where the customer isn't expected to pay a premium. 09:47:58 for speed 09:47:58 ketas: sure, that's "easy". 09:48:10 It's a bad idea for a whole bunch of reasons, but you _can_. 09:48:10 ketas: yes, all "carrier-grade" gear does IP in hardware, and usually MPLS in hardware as well 09:48:25 how? 09:48:43 That's what I was talking about before; those CPE routers all do IP in hardware. 09:48:52 simply by implenting logic in circuit? 09:49:02 ketas: how -> TCAM. you store the routing table in TCAM, then you can ask for the best match route for a specific IP address. 09:49:30 the reason this gear is expensive is that TCAM is expensive 09:50:05 The problem with doing IP and routing in hardware is that any time you're looking to do something even slighty custom, you're suddenly not on the fast-path through hardware, but going through the CPU. 09:50:09 (well, that, and that Cisco/Arista/etc. know that ISPs will pay a lotof money for it) 09:50:28 There's no way to do +10Tbps in software, though. *shrug* 09:50:49 imagine how horrible it was to switch to ipv6 09:50:59 throw chip out 09:51:01 ..what? 09:51:03 :p 09:51:08 implementing a TCAM switch chip for IPv6 is really not difficult at all 09:51:26 the cost in supporting IPv6 is mostly around the software to interact with it 09:51:30 but it's a new chip? 09:51:41 well, yes, but every new model of switch has a new chip in it 09:52:01 why is v6 adoption slow btw 09:52:24 i've had it for 20 years 09:52:32 It's over a quarter century old. 09:52:50 because there's no benefit for western ISPs to implement IPv6, so why would they? 09:53:00 first tunnel, 10y, then native, 10y 09:53:05 look at somewhere like India, IPv6 adoption is huge there 09:53:22 > 50% of *all* Internet traffic in India is IPv6 09:53:26 some servers got vy 09:53:29 v6 09:53:35 fb, google 09:53:44 FB, Google are not ISPs 09:53:47 To be clear, it's more about the cost it'd require for existing ISPs with big IPv4 allocations. 09:53:59 well i was talking about other side too 09:54:13 there is a huge cost to ISPs to support IPv6 when you consider the cost to replace CPEs, to provide tech support, etc 09:54:15 There's a _shedload_ of middleware devices that'd all need to be upgraded. 09:54:49 this cost is not insurmountable, and in the US, Comcast deserved credit for their IPv6 support 09:54:53 CPEs and tech support aren't that bad; the first get cycled out fairly regularly, and tech support is a running cost. 09:54:56 but you can understand why most ISPs just don't bother 09:55:28 v4 still works? 09:55:35 :) 09:55:38 Nobody's disabled it so far. 09:55:43 Well, no ISP. 09:55:45 i'm fairly sure that any ISP that provides IPv6 also supports v4, yes 09:55:54 I don't do v4 on my LAN because I'm a nerd. :P 09:56:04 v6 only lan? 09:56:07 although my VM provider doesn't give me an IPv4 address. they charge more for that. 09:56:14 but they aren't a consumer ISP, so... 09:56:19 v6-only LAN with FQDNs, yes. 09:56:30 ketas: v6 only LAN is possible but comes with a lot of caveats 09:56:35 lw: i recall seeing a cheap provider that charges extra for v4 addresses 09:56:46 rtprio: [#freebsd] although my VM provider doesn't give me an IPv4 address. they charge more for that. 09:56:50 rtprio: yea, I've seen that. 09:56:51 i have wondered about doing v6 only lan for some devices 09:57:39 if i did more v6 i would need to carefully plan firewall rules 09:57:50 since it wouldn't be hidden behind one or two ports of nat 09:57:51 v6 only works great with Apple macOS or iOS and fairly badly with anything else, because Apple is the only vendor who put the effort into making it work 09:58:07 fw is needed anyway 09:58:08 NAT isn't for security, anyhow. 09:58:31 An ACL is needed for network security, irrespective of whether or not you have NAT. 09:58:34 i have vpn tunnel to my phone so it has own v6 ip 09:59:09 isp itself told that no v6 on mobile is because no device support 09:59:11 unsure 09:59:41 that sounds like nonsense, *all* phones support IPV6-only because a lot of carriers require it 09:59:55 yes, i could restrict my web page but i don't see a lot of point in adding an acl to that 10:00:29 actually my phone has hidden v6 10:00:40 Phones have some of the best IPv6 deployment, yeah. 10:00:57 it does volte, for that it does ipsec over ipv6 apparently 10:01:01 fun eh 10:01:52 but there is somehow no "wan" v6 10:02:02 phones are fuckup too 10:02:04 much as i love talking about ipv6, i have to go play Factorio, but /msg me or something if you have ipv6 questions, i'm always happy to help 10:02:27 watch out for biters 10:02:42 don't have to go 10:02:55 could stay here 10:04:11 debdrup: well nat only allows outbound traffic, typical fw rule setup 10:04:17 so it's kind of fw 10:04:41 NAT is _not_ a firewall. 10:05:41 most of times it has some fw rules too 10:05:49 anyway 10:05:57 No, it doesn't. 10:06:38 i can't come up with any solution that doesn't do nat with what's essentially a fw 10:06:48 packet filter 10:07:45 however you call it, you can't access host behind it 10:10:01 Go ahead and treat it like a firewall if you think it'll protect your network from all the things designed to do NAT traversal - it won't, but you can believe it all you want. 10:11:51 no it won't protect from it 10:12:58 if you need outbound filtering, you need fw 10:13:28 If you need packet filtering, you use a packet filter. 10:13:40 if you're on the Internet, you need a packet filter 10:14:13 but mostly on inbound? 10:14:43 You need to packet filter inbound packets as well. NAT will not filter packets. 10:14:55 NAT outbound implies inbound 10:15:02 much like i could have know in the inside of front door 10:15:05 it translates the inbound packets to an internal host 10:15:26 knob 10:15:36 wut? ur a knob 10:16:22 well nat drops inbound traffic if no state 10:16:41 it has nowhere to go 10:17:33 except to host, and there you have "actual fw" probably :p 10:18:26 besides, every host needs to be secure actually 10:18:41 I don't really care what you do on your network, as you're presumed to be responsible for what happens there - but it's bad advice to tell people that NAT functions like a firewall when it demonstrably does not. 10:18:46 we need to build things like that 10:20:02 it functions kind of one wat forwarder then? 10:20:03 y 10:20:18 one wat forwarder then? y? 10:20:20 what 10:21:08 Can you use a hammer on a screw? Sure. Should you? 10:21:18 debdrup: yes. you should. 10:21:24 orz 10:21:25 bang 10:21:39 I give up. 10:21:52 Do whatever you want, just don't give actively harmful advice. 10:22:05 noone should think nat protects tho 10:22:07 i am joking, but honestly, i would probably use a hammer on a screw if it was the easiest way to get it into the hole 10:22:28 this is why i am not a professional builder though 10:22:54 but that's now how most gets in 10:24:06 not 10:26:25 it's just that with actual routing, if no fw, everything gets passed, in and out 10:27:41 wasn't nat traversal from in to out anyway? 10:28:43 that needs fw 10:29:44 fuck knows, maybe everyone needs outbound fw too nowadays 10:31:15 someone decided to ddos me here, i can't filter it out because src is spoofed :p 10:32:38 can't point my finger anywhere too 10:33:02 despite 2 months of free net test 10:38:31 call it whatever you wish, with nat you need state mapped from inside to outside. bound to 3 hosts 10:39:24 stateful firewall with no outbound filter does same thing 12:45:05 Hello, with BSD Make the "$<" character appears to not point to the first dependency. Is there another variable to use or do I just need to hardcode that usage? 13:12:25 matthewp: $< (or .IMPSRC) is only defined in suffix-transformation rules, depending on your requirements you might use $> (or .ALLSRC) 13:14:04 ah no $> is also only defined in transformation rules 13:14:24 * satanist stupid 13:14:39 no $> might work 15:14:33 As the surgeon said, "let's operate and find out" 15:15:25 soundl like my appendix surgery 16:08:29 tm512: was it a pre-existing pkgbase install, or was this your first use of pkgbase? 16:30:32 lw, ping 20:27:38 trying to setup a very very basic nfs share for /pool0 to anyone on the network, i went with V4: /pool0 -network 192.168.1.0/24, but when i try to mount it on some debian client with `mount 192.168.1.188:/pool0 /mnt/fbsdnfs`, i keep getting access denied by server 20:28:00 any ideas? 20:30:40 `showmount 192.168.1.188` shows the pool0 export on the fbsd server as well as the debian client 20:33:13 good luck. you can try getting the error code from tcpdump and looking up the error code 20:33:49 i'm assuming you're trying to mount from a port < 1024 20:35:17 also, i've forgotten how it's supposed to be, but i have "V4: /" on a single line, then a separate line for the specific mountpoint(s) 20:35:57 https://www.rfc-editor.org/rfc/rfc7530#section-13.1 20:35:58 Title: RFC 7530: Network File System (NFS) Version 4 Protocol 20:37:46 yeah, i think it might be your exports syntax (even if it's coming up in showmount, according to the manpage, the V4: [...] line does not actually export) 20:40:05 kevans: first use of pkgbase. do subsequent installations properly handle merging config files and whatnot? 20:51:52 tm512: yes 20:52:13 ideally bootstrapping pkgbase would be the same version you're already on so that you can more or less restore everything from .pkgsave safely 20:52:55 Hi all, quick question which I am looking for guidance. When I run # pkg ccheck -d -a I receive >>> pkg: No packages available to install matching 'openssl111' have been found in the repositories 20:53:52 I have posted the question in #opnsense as well (since the error comes from target opnsense system). unfortunately, I have no idea how to investigate this. Please any suggestions? 20:54:04 uf: your mount -t nfs needs to also state tha tyou're using nfs v4 20:54:43 it's 15:54 my time. there are ~15 messages in the last half hour (back to 15:27). then nothing for the prior 4 hours. did others experience that as well? i'm connecting through IRCCloud, and i think it fails to pick up everything in this channel sometimes 20:54:45 Somewhere in the Handbook I recall reading that it suggested, and I do too, that unless you really need v4 that one should use v3 as it is simpler and trouble free. 20:55:22 scoobybejesus: yes, there was a long period of silence from utc 1630-2023 20:56:00 okay thank you rtprio 20:56:30 cybercrypto: it seems like that error message is saying that nothing requires openssl111 20:56:40 do you have an openssl3 installed too 20:56:41 ? 20:58:25 what are you trying to accomplish running `pkg check`; is there another problem 20:58:34 rtprio: pkg ipmi is complaining, I read from this log: 20:58:48 ipmitool has a missing dependency: openssl111 20:58:49 ipmitool is missing a required shared library: libcrypto.so.11 21:00:25 This is the openssl package I have installed: openssl-3.0.13,1 (no other, to my knowledge) 21:02:27 I am trying to sandbox an update (which I did and worked all the way) but now... when running pkg check, i got this error - which I dont know why. 21:02:39 >>> There are still missing dependencies. 21:03:28 Of course, the update worked and completed ok, I am trying to understand what is this 'error' before upgrade the production. 21:04:23 di the update straddle the openssl111 to 30 update? 21:10:38 rtprio: Sorry, I dont know how to answer that quesiton. 21:58:14 lw 22:17:29 one must be careful using index() in perl to find a match.. it will NOT always give you what you expect.